Re: fast review of draft-ietf-pkix-ocsp-06.txt



>some remarks about the latest OCSP draft:
>
>- It seems that the remarks about not knowing the public
>  key of an issuer are not addressed. 
>
>  It seems sufficient to ME to allow that the
>  hash of the issuer private key MAY be a length 0 octet string,
>  something like that, or one might add the public
>  key of the OCSP responder instead. 
>
>  Thoughts?

I thought the issue with this was that in a case of a request where the
certificate was sent in place of the certID, a response could not be
formed unless the responder already had the issuer cert (or at least
knew its key hash).  This has been dealt with, since request now must
have a certID for each requested cert.  Was there some additional issue
I wasn't aware of?

Dan Weinstein
danjw1@pacbell.net